GLSA-201710-08 : Pacemaker: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201710-08 Pacemaker: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary code or a local...

Pacemaker: Multiple vulnerabilities

Background Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters. Description Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details. Impact A remote attacker could execute arbitrary...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

Abbott Laboratories Multiple Pacemaker Products Erroneously Encrypt Sensitive Data Vulnerability

Accent, Anthem, Accent MRI, Assurity, Allure and Assurity MRI are implantable medical devices from Abbott Laboratories USA. Multiple Abbott Laboratories pacemaker products are vulnerable to incorrectly encrypting sensitive data, with the Accent and Anthem pacemakers transmitting unencrypted patie...

Unauthorized Access Vulnerability in Various Abbott Laboratories Pacemaker Products

Accent, Anthem, Accent MRI, Assurity, Allure and Assurity MRI are implantable medical devices from Abbott Laboratories USA. An unauthorized access vulnerability exists in several Abbott Laboratories pacemaker products, where pacemaker authentication algorithms involving authentication keys and...

ICSMA-17-241-01_Abbott Laboratories ' Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI Pacemaker Vulnerabilities

OVERVIEW MedSec Holdings Ltd has identified vulnerabilities in Abbott Laboratories’ formerly St. Jude Medical pacemakers. Abbott has produced a firmware patch to help mitigate the identified vulnerabilities in their pacemakers that utilize radio frequency RF communications. A third-party security...

Online pacemaker the presence of up to 8,000 application vulnerabilities-vulnerability warning-the black bar safety net

WhiteScope is an independent network of security services and training provider, they just released a study that shows from the four major manufacturers of pacemakers the presence of 8,000 application vulnerabilities, vulnerable to hacker attacks. WhiteScope for security reasons and not released...

Pacemaker Ecosystem Fails its Cybersecurity Checkup

Pacemakers continue to be the front line of medical device security debates after a research paper published this week described a frightening list of cybersecurity issues plaguing devices built by leading manufacturers, including a lack of authentication and encryption, and the use of third-part...

pcs daemon session fixation vulnerability

PCS is a set of tools for configuring and managing Pacemaker and Corosync clustering software using the command line and web UI. A session fixation vulnerability exists in the pcs daemon. An attacker can exploit the vulnerability to hijack arbitrary sessions and gain unauthorized access to affect...

pcs Cross-Site Request Forgery Vulnerability

PCS is a set of tools for configuring and managing Pacemaker and Corosync clustering software using the command line and web UI. A cross-site request forgery vulnerability exists in pc, which can be exploited by remote attackers to perform certain unauthorized actions and access affected...

[SECURITY] Fedora 25 Update: pcs-0.9.156-2.fc25

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

[SECURITY] Fedora 24 Update: pcs-0.9.156-2.fc24

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

Design/Logic Flaw

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

DEBIAN-CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

CVE-2016-7797

CVE-2016-7797 affects Pacemaker prior to 1.1.15. The issue can allow a remote, unauthenticated attacker (via pacemaker remote) to cause a denial of service resulting in node disconnection. The connected sources corroborate the high-level impact and reference related advisories (e.g., RHSA-2016:25...

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service node disconnection via an unauthenticated connection...